그누보드5 정식버전

plugin/sns/facebook/.gitignore

@@ -0,0 +1 @@
+/coverage/

plugin/sns/facebook/.travis.yml

@@ -0,0 +1,5 @@
+language: php
+php:
+  - 5.3
+  - 5.4
+script: phpunit --stderr --bootstrap tests/bootstrap.php tests/tests.php

plugin/sns/facebook/_common.php

@@ -0,0 +1,3 @@
+<?php
+include_once("../../../common.php");
+?>

plugin/sns/facebook/callback.php

@@ -0,0 +1,62 @@
+<?php
+include_once("./_common.php");
+include_once(G5_SNS_PATH."/facebook/src/facebook.php");
+
+$facebook = new Facebook(array(
+    'appId'  => $config['cf_facebook_appid'],
+    'secret' => $config['cf_facebook_secret']
+));
+
+$user = $facebook->getUser();
+
+if ($user) {
+    try {
+        $user_profile = $facebook->api('/me');
+    } catch (FacebookApiException $e) {
+        error_log($e);
+        $user = NULL;
+    }
+}
+
+$g5['title'] = '페이스북 콜백';
+include_once(G5_PATH.'/head.sub.php');
+
+if ($user) {
+    $sns_name = $user_profile['name'];
+    $sns_user = $user;
+
+    set_cookie('ck_sns_name', $sns_name, 86400);
+    set_session('ss_facebook_user', $user);
+
+    $g5_sns_url = G5_SNS_URL;
+
+    echo <<<EOT
+    <script>
+    $(function() {
+        document.write("<strong>페이스북 승인이 되었습니다.</strong>");
+
+        var opener = window.opener;
+        opener.$("#wr_name").val("{$sns_name}");
+        opener.$("#facebook_icon").attr("src", "{$g5_sns_url}/icon/facebook.png");
+        opener.$("#facebook_checked").attr("disabled", false);
+        opener.$("#facebook_checked").attr("checked", true);
+        window.close();
+    });
+    </script>
+EOT;
+
+} else {
+
+    echo <<<EOT
+    <script>
+    $(function() {
+        alert("페이스북 승인이 되지 않았습니다.");
+        window.close();
+    });
+    </script>
+EOT;
+
+}
+
+include_once(G5_PATH.'/tail.sub.php');
+?>

plugin/sns/facebook/changelog.md

@@ -0,0 +1,28 @@
+Facebook PHP SDK (v.3.0.0)
+==========================
+
+The new PHP SDK (v3.0.0) is a major upgrade to the older one (v2.2.x):
+
+- Uses OAuth authentication flows instead of our legacy authentication flow
+- Consists of two classes. The first (class BaseFacebook) maintains the core of the upgrade, and the second one (class Facebook) is a small subclass that uses PHP sessions to store the user id and access token.
+
+If you’re currently using the PHP SDK (v2.2.x) for authentication, you will recall that the login code looked like this:
+
+     $facebook = new Facebook(…);
+     $session = $facebook->getSession();
+     if ($session) {
+       // proceed knowing you have a valid user session
+     } else {
+       // proceed knowing you require user login and/or authentication
+     }
+
+The login code is now:
+
+     $facebook = new Facebook(…);
+     $user = $facebook->getUser();
+     if ($user) {
+       // proceed knowing you have a logged in user who's authenticated
+     } else {
+       // proceed knowing you require user login and/or authentication
+     }
+

plugin/sns/facebook/composer.json

@@ -0,0 +1,22 @@
+{
+    "name": "facebook/php-sdk",
+    "description": "Facebook PHP SDK",
+    "keywords": ["facebook", "sdk"],
+    "type": "library",
+    "homepage": "https://github.com/facebook/facebook-php-sdk",
+    "license": "Apache2",
+    "authors": [
+        {
+            "name": "Facebook",
+            "homepage": "https://github.com/facebook/facebook-php-sdk/contributors"
+        }
+    ],
+    "require": {
+        "php": ">=5.2.0",
+        "ext-curl": "*",
+        "ext-json": "*"
+    },
+    "autoload": {
+        "classmap": ["src"]
+    }
+}

plugin/sns/facebook/examples/example.php

@@ -0,0 +1,105 @@
+<?php
+/**
+ * Copyright 2011 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License. You may obtain
+ * a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+require '../src/facebook.php';
+
+// Create our Application instance (replace this with your appId and secret).
+$facebook = new Facebook(array(
+  'appId'  => '119146498278078',
+  'secret' => '6ffd7e325e2b4fbd83a2eebf9c6f33f9',
+));
+
+// Get User ID
+$user = $facebook->getUser();
+
+// We may or may not have this data based on whether the user is logged in.
+//
+// If we have a $user id here, it means we know the user is logged into
+// Facebook, but we don't know if the access token is valid. An access
+// token is invalid if the user logged out of Facebook.
+
+if ($user) {
+  try {
+    // Proceed knowing you have a logged in user who's authenticated.
+    $user_profile = $facebook->api('/me');
+  } catch (FacebookApiException $e) {
+    error_log($e);
+    $user = null;
+  }
+}
+
+// Login or logout url will be needed depending on current user state.
+if ($user) {
+  $logoutUrl = $facebook->getLogoutUrl();
+} else {
+  $loginUrl = $facebook->getLoginUrl();
+}
+
+// This call will always work since we are fetching public data.
+$naitik = $facebook->api('/naitik');
+
+?>
+<!doctype html>
+<html xmlns:fb="http://www.facebook.com/2008/fbml">
+  <head>
+    <title>php-sdk</title>
+    <style>
+      body {
+        font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
+      }
+      h1 a {
+        text-decoration: none;
+        color: #3b5998;
+      }
+      h1 a:hover {
+        text-decoration: underline;
+      }
+    </style>
+  </head>
+  <body>
+    <h1>php-sdk</h1>
+
+    <?php if ($user): ?>
+      <a href="<?php echo $logoutUrl; ?>">Logout</a>
+    <?php else: ?>
+      <div>
+        Login using OAuth 2.0 handled by the PHP SDK:
+        <a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
+      </div>
+    <?php endif ?>
+
+    <h3>PHP Cookie</h3>
+    <pre><?php print_r($_COOKIE); ?></pre>
+
+    <h3>PHP Session</h3>
+    <pre><?php print_r($_SESSION); ?></pre>
+
+    <?php if ($user): ?>
+      <h3>You</h3>
+      <img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
+
+      <h3>Your User Object (/me)</h3>
+      <pre><?php print_r($user_profile); ?></pre>
+    <?php else: ?>
+      <strong><em>You are not Connected.</em></strong>
+    <?php endif ?>
+
+    <h3>Public profile of Naitik</h3>
+    <img src="https://graph.facebook.com/naitik/picture">
+    <?php echo $naitik['name']; ?>
+  </body>
+</html>

plugin/sns/facebook/examples/with_js_sdk.php

@@ -0,0 +1,62 @@
+<?php
+
+require '../src/facebook.php';
+
+$facebook = new Facebook(array(
+  'appId'  => '119146498278078',
+  'secret' => '6ffd7e325e2b4fbd83a2eebf9c6f33f9',
+));
+
+// See if there is a user from a cookie
+$user = $facebook->getUser();
+
+if ($user) {
+  try {
+    // Proceed knowing you have a logged in user who's authenticated.
+    $user_profile = $facebook->api('/me');
+  } catch (FacebookApiException $e) {
+    echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
+    $user = null;
+  }
+}
+
+?>
+<!DOCTYPE html>
+<html xmlns:fb="http://www.facebook.com/2008/fbml">
+  <body>
+    <h3>PHP Cookie</h3>
+    <pre><?php print_r($_COOKIE); ?></pre>
+
+    <?php if ($user) { ?>
+      Your user profile is
+      <pre>
+        <?php print htmlspecialchars(print_r($user_profile, true)) ?>
+      </pre>
+    <?php } else { ?>
+      <fb:login-button></fb:login-button>
+    <?php } ?>
+    <div id="fb-root"></div>
+    <script>
+      window.fbAsyncInit = function() {
+        FB.init({
+          appId: '<?php echo $facebook->getAppID() ?>',
+          cookie: true,
+          xfbml: true,
+          oauth: true
+        });
+        FB.Event.subscribe('auth.login', function(response) {
+          window.location.reload();
+        });
+        FB.Event.subscribe('auth.logout', function(response) {
+          window.location.reload();
+        });
+      };
+      (function() {
+        var e = document.createElement('script'); e.async = true;
+        e.src = document.location.protocol +
+          '//connect.facebook.net/en_US/all.js';
+        document.getElementById('fb-root').appendChild(e);
+      }());
+    </script>
+  </body>
+</html>

plugin/sns/facebook/readme.md

@@ -0,0 +1,85 @@
+Facebook PHP SDK (v.3.2.2)
+
+The [Facebook Platform](http://developers.facebook.com/) is
+a set of APIs that make your app more social.
+
+This repository contains the open source PHP SDK that allows you to
+access Facebook Platform from your PHP app. Except as otherwise noted,
+the Facebook PHP SDK is licensed under the Apache Licence, Version 2.0
+(http://www.apache.org/licenses/LICENSE-2.0.html).
+
+
+Usage
+-----
+
+The [examples][examples] are a good place to start. The minimal you'll need to
+have is:
+
+    require 'facebook-php-sdk/src/facebook.php';
+
+    $facebook = new Facebook(array(
+      'appId'  => 'YOUR_APP_ID',
+      'secret' => 'YOUR_APP_SECRET',
+    ));
+
+    // Get User ID
+    $user = $facebook->getUser();
+
+To make [API][API] calls:
+
+    if ($user) {
+      try {
+        // Proceed knowing you have a logged in user who's authenticated.
+        $user_profile = $facebook->api('/me');
+      } catch (FacebookApiException $e) {
+        error_log($e);
+        $user = null;
+      }
+    }
+
+Login or logout url will be needed depending on current user state.
+
+    if ($user) {
+      $logoutUrl = $facebook->getLogoutUrl();
+    } else {
+      $loginUrl = $facebook->getLoginUrl();
+    }
+
+[examples]: http://github.com/facebook/facebook-php-sdk/blob/master/examples/example.php
+[API]: http://developers.facebook.com/docs/api
+
+
+Tests
+-----
+
+In order to keep us nimble and allow us to bring you new functionality, without
+compromising on stability, we have ensured full test coverage of the SDK.
+We are including this in the open source repository to assure you of our
+commitment to quality, but also with the hopes that you will contribute back to
+help keep it stable. The easiest way to do so is to file bugs and include a
+test case.
+
+The tests can be executed by using this command from the base directory:
+
+    phpunit --stderr --bootstrap tests/bootstrap.php tests/tests.php
+
+
+Contributing
+===========
+For us to accept contributions you will have to first have signed the
+[Contributor License Agreement](https://developers.facebook.com/opensource/cla).
+
+When commiting, keep all lines to less than 80 characters, and try to
+follow the existing style.
+
+Before creating a pull request, squash your commits into a single commit.
+
+Add the comments where needed, and provide ample explanation in the
+commit message.
+
+
+Report Issues/Bugs
+===============
+[Bugs](https://developers.facebook.com/bugs)
+
+[Questions](http://facebook.stackoverflow.com)

plugin/sns/facebook/src/facebook.php

@@ -0,0 +1,160 @@
+<?php
+/**
+ * Copyright 2011 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License. You may obtain
+ * a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+require_once "base_facebook.php";
+
+/**
+ * Extends the BaseFacebook class with the intent of using
+ * PHP sessions to store user ids and access tokens.
+ */
+class Facebook extends BaseFacebook
+{
+  const FBSS_COOKIE_NAME = 'fbss';
+
+  // We can set this to a high number because the main session
+  // expiration will trump this.
+  const FBSS_COOKIE_EXPIRE = 31556926; // 1 year
+
+  // Stores the shared session ID if one is set.
+  protected $sharedSessionID;
+
+  /**
+   * Identical to the parent constructor, except that
+   * we start a PHP session to store the user ID and
+   * access token if during the course of execution
+   * we discover them.
+   *
+   * @param Array $config the application configuration. Additionally
+   * accepts "sharedSession" as a boolean to turn on a secondary
+   * cookie for environments with a shared session (that is, your app
+   * shares the domain with other apps).
+   * @see BaseFacebook::__construct in facebook.php
+   */
+  public function __construct($config) {
+    if (!session_id()) {
+      session_start();
+    }
+    parent::__construct($config);
+    if (!empty($config['sharedSession'])) {
+      $this->initSharedSession();
+    }
+  }
+
+  protected static $kSupportedKeys =
+    array('state', 'code', 'access_token', 'user_id');
+
+  protected function initSharedSession() {
+    $cookie_name = $this->getSharedSessionCookieName();
+    if (isset($_COOKIE[$cookie_name])) {
+      $data = $this->parseSignedRequest($_COOKIE[$cookie_name]);
+      if ($data && !empty($data['domain']) &&
+          self::isAllowedDomain($this->getHttpHost(), $data['domain'])) {
+        // good case
+        $this->sharedSessionID = $data['id'];
+        return;
+      }
+      // ignoring potentially unreachable data
+    }
+    // evil/corrupt/missing case
+    $base_domain = $this->getBaseDomain();
+    $this->sharedSessionID = md5(uniqid(mt_rand(), true));
+    $cookie_value = $this->makeSignedRequest(
+      array(
+        'domain' => $base_domain,
+        'id' => $this->sharedSessionID,
+      )
+    );
+    $_COOKIE[$cookie_name] = $cookie_value;
+    if (!headers_sent()) {
+      $expire = time() + self::FBSS_COOKIE_EXPIRE;
+      setcookie($cookie_name, $cookie_value, $expire, '/', '.'.$base_domain);
+    } else {
+      // @codeCoverageIgnoreStart
+      self::errorLog(
+        'Shared session ID cookie could not be set! You must ensure you '.
+        'create the Facebook instance before headers have been sent. This '.
+        'will cause authentication issues after the first request.'
+      );
+      // @codeCoverageIgnoreEnd
+    }
+  }
+
+  /**
+   * Provides the implementations of the inherited abstract
+   * methods.  The implementation uses PHP sessions to maintain
+   * a store for authorization codes, user ids, CSRF states, and
+   * access tokens.
+   */
+  protected function setPersistentData($key, $value) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to setPersistentData.');
+      return;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    $_SESSION[$session_var_name] = $value;
+  }
+
+  protected function getPersistentData($key, $default = false) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to getPersistentData.');
+      return $default;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    return isset($_SESSION[$session_var_name]) ?
+      $_SESSION[$session_var_name] : $default;
+  }
+
+  protected function clearPersistentData($key) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to clearPersistentData.');
+      return;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    unset($_SESSION[$session_var_name]);
+  }
+
+  protected function clearAllPersistentData() {
+    foreach (self::$kSupportedKeys as $key) {
+      $this->clearPersistentData($key);
+    }
+    if ($this->sharedSessionID) {
+      $this->deleteSharedSessionCookie();
+    }
+  }
+
+  protected function deleteSharedSessionCookie() {
+    $cookie_name = $this->getSharedSessionCookieName();
+    unset($_COOKIE[$cookie_name]);
+    $base_domain = $this->getBaseDomain();
+    setcookie($cookie_name, '', 1, '/', '.'.$base_domain);
+  }
+
+  protected function getSharedSessionCookieName() {
+    return self::FBSS_COOKIE_NAME . '_' . $this->getAppId();
+  }
+
+  protected function constructSessionVariableName($key) {
+    $parts = array('fb', $this->getAppId(), $key);
+    if ($this->sharedSessionID) {
+      array_unshift($parts, $this->sharedSessionID);
+    }
+    return implode('_', $parts);
+  }
+}

plugin/sns/facebook/tests/bootstrap.php

@@ -0,0 +1,5 @@
+<?php
+
+$base = realpath(dirname(__FILE__) . '/..');
+require "$base/src/base_facebook.php";
+require "$base/src/facebook.php";